32 matches found
EUVD-2026-33802
In multiple locations, there is a possible way to execute code in the launcher process due to an over-privileged shell user. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0091
In multiple locations, there is a possible way to execute code in the launcher process due to an over-privileged shell user. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0091
In multiple locations, there is a possible way to execute code in the launcher process due to an over-privileged shell user. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Google Android security vulnerabilities
Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from overly privileged shell users located in multiple locations. These vulnerabilities may allow for code execution within the startup proce...
CVE-2023-43488
The vulnerability allows a low privileged untrusted application to modify a critical system property that should be denied, in order to enable the ADB Android Debug Bridge protocol to be exposed on the network, exploiting it to gain a privileged shell on the device without requiring the physical...
EUVD-2023-47903
Malicious code in bioql PyPI...
CVE-2022-40297
UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, far below typical length/complexity for a user account's password. NOTE: a third party states "The described attack cannot be executed as demonstrated...
CVE-1999-1585
The 1 rcS and 2 mountall programs in Sun Solaris 2.x, possibly before 2.4, start a privileged shell on the system console if fsck fails while the system is booting, which allows attackers with physical access to gain root privileges...
EnerSys AMPA 安全漏洞
EnerSys AMPA is an industrial-grade battery management system from EnerSys, Inc. designed as an intelligent monitoring platform for power equipment. A security vulnerability exists in EnerSys AMPA versions 24.04 through 24.16 that stems from a command injection issue that could lead to privileged...
PT-2024-31168 · Ubiquiti · Ubiquiti Airmax
Name of the Vulnerable Software and Affected Versions: Ubiquiti AirMax firmware version 8 Description: The issue allows attackers with physical access to gain a privileged command shell via the UART Debugging Port. This can be exploited by someone with physical access to the device...
Ubiquiti AirMax 安全漏洞
Ubiquiti airMAX is a type of outdoor radio from Ubiquiti USA. A security vulnerability exists in Ubiquiti AirMax. An attacker exploited the vulnerability to obtain a privileged command shell via the UART debug port...
GNCC GC2 安全漏洞
The GNCC GC2 is an indoor security camera from GNCC. A security vulnerability exists in GNCC GC2. An attacker exploited the vulnerability to obtain a privileged command shell via the UART debug port...
PT-2024-24210 · Gncc · Gncc Gc2 Indoor Security Camera 1080P
Name of the Vulnerable Software and Affected Versions: GNCC GC2 Indoor Security Camera 1080P affected versions not specified Description: The issue allows an attacker with physical access to gain a privileged command shell via the UART Debugging Port. This is an authentication bypass in GNCC's GC...
CVE-2024-5102
A sym-linked file accessed via the repair function in Avast Antivirus troubleshooting - repair feature, which attempts to delete a file in the current user's AppData directory as NT AUTHORITY\SYSTEM. A low-privileged user can make a pseudo-symlink and a junction folder and point to a file on the...
CVE-2023-43488
The vulnerability allows a low privileged untrusted application to modify a critical system property that should be denied, in order to enable the ADB Android Debug Bridge protocol to be exposed on the network, exploiting it to gain a privileged shell on the device without requiring the physical...
Design/Logic Flaw
The vulnerability allows a low privileged untrusted application to modify a critical system property that should be denied, in order to enable the ADB Android Debug Bridge protocol to be exposed on the network, exploiting it to gain a privileged shell on the device without requiring the physical...
CVE-2023-43488
The vulnerability allows a low privileged untrusted application to modify a critical system property that should be denied, in order to enable the ADB Android Debug Bridge protocol to be exposed on the network, exploiting it to gain a privileged shell on the device without requiring the physical...
CVE-2023-43488
The vulnerability allows a low privileged untrusted application to modify a critical system property that should be denied, in order to enable the ADB Android Debug Bridge protocol to be exposed on the network, exploiting it to gain a privileged shell on the device without requiring the physical...
Exploit for CVE-2023-21746
It is an exploit module/toolkit targeting a vulnerability in a s...
CVE-2022-40297
UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, far below typical length/complexity for a user account's password. NOTE: a third party states "The described attack cannot be executed as demonstrated...